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Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the 
application. Please amend the claims as follows: 

Listing of Claims: 

1 . (Currently Amended) A method for transmitting Internet Key Exchange (IKE) 
data packets across a network comprising the steps of: 

receiving a vendor identification value: 

in response to receiving the vendor identification value, determining that IKE 
fragmentation is capable: 

generating and transmitting an IKE packet over a network , the IKE packet having an 
original IKE header ; 

determining whether a response to the IKE packet was received; 

fragmenting the IKE packet into a plurality of smaller packets when a response is not 
received, wherein each of the smaller packets includes a header formatted according to the IKE 
protocol; and 

transmitting each of the plurality of smaller packets over a network. 

2. (Currently Amended) The method of claim 1 wherein each of the smaller packets 
includes a header formatted according to the IKE protocol and each of the headers formatted 
according to the IKE protocol w horoin oach h e ad e r includes an identifier that may be used to 
associate the smaller packet with a- eorrespondi i» g the IKE packet. 

3 . (Currently Amended) A network node that communicates with other network 
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nodes according to the Internet Key Exchange (IKE) protocol comprising: 

a User Datagram Protocol (UDP) stack that is capable of generating UDP data packets for 
transmission over a network; 

an IKE protocol stack that generates IKE data packets that are subsequently processed by 
the UDP protocol stack; and 

a fragmenter module that intercepts IKE data packets prior to being processed by the 
UDP protocol stack and splits the IKE data packets into a plurality of smaller data packets that 
may be subsequently formatted by the UDP protocol stack; 

wherein the fragmenter module does not split the IKE data packets unless no response to 
a previously-sent IKE,data packet has been received; and 

wherein each of the plurality of smaller data packets includes a header formatted 
according to the IKE protocol and state information for network address translator processin g. 

4. (Canceled) 

5. (Canceled) 

6. (Currently Amended) A method for receiving fragmented Internet Key Exchange 
(IKE) data packets comprising the steps of: 

sending a vendor identification value, the vendor identification value indicating IKE 
fragmentation capability: 

receiving a plurality of fragments of an IKE data packet from a transmitting node, 

wherein each fragment includes an identifier that associates each fragment with an IKE data 
packet; 

discarding all fragments that contain a first identifier if a predetermined number of 

3 
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fragments are received that contain a second identifier; and 

determining the total size of all fragments that contain the same identifier and discarding 
said fragments when the total size exceeds a predetermined limit. 

7. (Original) The method according to claim 6 wherein the step of discarding all 
fragments that contain a first identifier is performed when at least one fragment is received that 
contains a second identifier. 

8. (Original) The method according to claim 6 further comprising the steps of: 
determining whether all fragments that are associated with an IKE data packet have been 

received; and 

sending a no acknowledgment (NAK) message to the transmitting node when at least one . 
fragment has not been received. . 

9. (Canceled) 

1 0. (Previously presented) The method according to claim 6 wherein the 
predetermined limit is 64 kilobytes. 

1 1 . (Currently Amended) A system for transmitting Internet Key Exchange (IKE) 
protocol data packets across a network comprising: 

means for generating an IKE packet; 

means for initializing, operating, and monitoring a timer; 

means for detecting whether the IKE packet was successfully received at the intended 
receiver node before die expiration of the timer, aad 

means for fragmenting the IKE packets into smaller packets when the IKE packet was not 
successfully received at the receiver node feefbro - tho expiration of th e timer, wh eg oifl - oaoh of the 

4 
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small e r pack e ts includ e s - iflfegmation that - pOHni^ s- a ^ ooot - vcr - nodo to identify tho IKE pack e t 
assoe k i od - with each smaller packet and th e position of each smaller packet within-tho-IKE 
pack e t. 

means for adding a separate IKE fragment header to each of the smaller packets: 

means for adding state information to each of the smaller packets for network address 

translator processing; 

means for adding a separate User Datagram Protocol header to each of the plurality of 
smaller packets; and 

means for transmitting each of the plurality of smaller packets over a network. 

12. (Original) The system of claim 1 1 further comprising means for determining^ 
the capability of the receiver node for receiving fragmented packets. 

13. (Currently Amended) A method for transmitting data packets across a network 
comprising the steps of: 

generating and transmitting an Internet Key Exchange (IKE) packet over a networ k, the 
IKE packet having an original IKE header : 

determining whether a response to the IKE packet was received; 

fragmenting the IKE packet into a plurality of smaller packets when a response is not 
received^-asd; 

adding a separate IKE fragment header to each of the plurality of smaller packets, 
wherein one of the plurality of smaller packets includes the original IKE header; 

adding state information to each of the plurality of smaller packets for network address 
translator processing: 

adding a separate User Datagram Protocol header to each of the plurality of smaller 

5 
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packets; and 

transmitting each of the plurality of smaller packets over a network. 
14-15. (Canceled) 

1 6. (Currently Amended) The method of claim [[1 5]] 13 wherein the plurality of 
smaller packets contain the same information as that contained within the original IKE packet. 

17. (Canceled) 

1 8. (Currently Amended) A method for transmitting data packets across a network 
comprising the steps of: 

receiving a vendor identification value; 

in response to receiving the vendor identification value, determining that IKE 
fragmentation is capable; 

generating a data packet containing Internet Key Exchange (IKE) informatio n the data - 
packet having an original IKE header ; 

initializing a timer; 

determining, based at least in part on the expiration of the timer, whether fragmentation 
of the data packet is necessary to successfully transmit the IKE information over a network; and 

fragmenting the data packet if necessary into a plurality of smaller packets that may be 
transmitted over a network; 

adding a separate IKE fragment header to each of the plurality of smaller packets, 
wherein one of the plurality of smaller packets includes the original IKE header: 

adding state information to each of the plurality of smaller packets for network address 
translator. processing; and 

adding a separate User Datagram Protocol header to each of the plurality of smaller 

6 
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packets; and 

transmitting each of the plurality of smaller packets over a network , 

19. (Canceled) 

20. (Canceled) 

21. (Canceled) 

22. (Currently Amended) A method for intelligently discarding fragmented Internet 
Key Exchange (IKE) data packets to efficiently manage resources comprising: 

sending a vendor identification value, the vendor identification value indicating IKE 
fragmentation capability; 

receiving a plurality of fragments of a single IKE data packet, wherein the -fragments " 
were transmitted from a transmitting node in an order that can be determined from information 
contained within the received fragments; 

determining from information contained within the received fragments whether any of 
the received fragments have been received in an order that differs from the order in which the 
fragments were transmitted from the transmitting node; and 

discarding at least certain of the received fragments when a predetermined number of out 
of order fragments from a single IKE data packet have been received. 

23. (Previously Presented) The method of claim 22 further including the step 
of sending a message to the transmitting node that out of order packets have been received. 
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